Bug 113942 - security/Denyhosts 2.6 port has a DoS issue
Summary: security/Denyhosts 2.6 port has a DoS issue
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
Reported: 2007-06-22 11:50 UTC by David Bestor
Modified: 2007-06-23 07:40 UTC (History)

Attachments
file.diff (107 bytes, patch)
2007-06-22 11:50 UTC, David Bestor
patch-DenyHosts_regex.py (629 bytes, text/plain)
2007-06-22 13:55 UTC, Mohacsi Janos

Description David Bestor 2007-06-22 11:50:08 UTC
Denyhosts in the ports has a serious bug.

See
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244943
see http://www.ossec.net/en/attacking-loganalysis.html#denyhosts

Fix: #############################################################
cd /usr/local/lib/python2.4/site-packages/DenyHosts/


FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) .*
from (?P<host>.*)""")

-FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not
allowed because none of user's groups are listed in AllowGroups""")
+FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not
allowed because none of user's groups are listed in AllowGroups$""")

 FAILED_ENTRY_REGEX6 = re.compile(r"""Did not receive identification string .*fr
om (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
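
Review bot: in the `+` line for FAILED_ENTRY_REGEX5, the added `$` pins only the end of the match, while `(?P<user>.*)` and `(?P<host>.*)` stay unbounded wildcards, so the captured host is still whatever greedy matching leaves between `from ` and ` not allowed`. Consider constraining the host group the way FAILED_ENTRY_REGEX6 in the trailing context does (`(::ffff:)?` followed by a `\d{1,3}` dotted quad), or with `\S+` if hostnames have to be accepted, and restricting the user group to non-whitespace. FAILED_ENTRY_REGEX4 in the leading context ends in an unanchored `from (?P<host>.*)` and is not touched here, so it is worth checking whether it needs the same anchoring. The hunk as pasted is also wrapped inside the string literals (for example `.*fr` / `om`), so the attached patch file, not this text, should be the one applied.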

#############################################################

diff -ruN regex.py.orig1 regex.py
#Make change below and
/usr/local/etc/rc.d/denyhosts.sh restart
How-To-Repeat: see http://www.ossec.net/en/attacking-loganalysis.html#denyhosts
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2007-06-22 13:05:15 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback
Comment 2 Mohacsi Janos 2007-06-22 13:55:07 UTC
Approved the changes. To make the commit easier, new files are attached to be put in the
files directory.
Comment 3 Mark Linimon freebsd_committer freebsd_triage 2007-06-22 16:35:57 UTC
State Changed
From-To: feedback->open

Maintainer approved.
Comment 4 Rong-En Fan freebsd_committer freebsd_triage 2007-06-23 07:35:24 UTC
State Changed
From-To: open->closed

Committed. Thanks!
Comment 5 dfilter service freebsd_committer freebsd_triage 2007-06-23 07:35:24 UTC
rafan       2007-06-23 06:35:16 UTC

  FreeBSD ports repository

  Modified files:
    security/denyhosts   Makefile 
  Added files:
    security/denyhosts/files patch-DenyHosts_regex.py 
  Log:
  - Fix a DoS issue
  
  PR:             ports/113942
  Security:       http://www.ossec.net/en/attacking-loganalysis.html#denyhosts
  Submitted by:   David Bestor <freebsd1 at indenial.com>
  Approved by:    Janos Mohacsi <mohacsi at niif.hu> (maintainer)
  
  Revision  Changes    Path
  1.8       +1 -0      ports/security/denyhosts/Makefile
  1.1       +11 -0     ports/security/denyhosts/files/patch-DenyHosts_regex.py (new)